CN105718805A - Cloud-computing trust management method based on evaluation confidence degree - Google Patents

Abstract

The invention relates to a cloud-computing trust management method based on the evaluation confidence degree.The cloud-computing trust management method includes the steps that according to computing of the transaction satisfaction degree, the evaluation satisfaction degree and the evaluation confidence degree, malicious users are eliminated, and trust feedback is obtained; creditworthiness computing, collusion feedback detecting and witch attack detecting are combined to obtain the accurate trust result of a service.By means of the cloud-computing trust management method, misleading feedback in misleading feedback and witch attack in collusion attacks can be effectively detected, a confidence degree formula is built, and users can more effectively select a real and trustworthy cloud service provider accordingly.

Description

Based on the cloud computing trust management method evaluating credibility

Technical field

The present invention relates to a kind of based on the cloud computing trust management method evaluating credibility.

Background technology

Cloud computing is based on the increase of the related service of the Internet, uses and delivery mode, is usually directed to provide dynamically easily extension by the Internet and is often virtualized resource.Cloud computing, as a kind of new resources occupation mode, changes the pattern of traditional services, changes traditional IT mode, but do not change traditional security situation.Cloud service is highly dynamic due to it, distributed, and the feature such as non-transparency so that the trust management in cloud environment becomes a challenging problem.

Chinese scholars research in this regard has been achieved for great achievement: Zhang Lin et al.^[1]The basis of Fuzzy Set Theory proposes a kind of Trust Valuation Model for network environment, and introduces the interaction experiences of middle recommended node, embody the significance of subjective factors.Tian Liqin et al.^[2]With reference to the requirement of the characteristic of society's trust and computer trust evaluation, it is proposed to the Behavior trustworthiness quantitative evaluation mechanism of double; two sliding windows of a kind of Behavior-based control evidence.Tian Junfeng et al.^[3]Propose a kind of cloud user behavior based on multi-section figure and assert model, solve trustworthy user behavior sex chromosome mosaicism in cloud service.Wang Ruchuan et al.^[4]Propose a kind of based on the dynamic trust evaluation model evaluating credibility, service ability and the required service ability of cloud user of cloud service provider are respectively divided grade by this model, efficiently solve cloud service provider ability and dynamically change the Latent destruction problem that model is existed.Zhou Qian et al.^[5]Adopting AHP fuzzy theory framework to give the model under cloud environment, user security defendd, but adopt 3 scaling laws, problem analysis subjectivity is crossed strong and not accurate enough.Lv Yanxia et al.^[6]The basis of traditional F AHP method establishes in cloud computing and solve users to trust problem based on the defence model trusted, the fuzzy analytic net process based on Triangular Fuzzy Number is adopted to use fuzzy number to reflect the ambiguity of expert judging, and the weight of each attribute of networks congestion control has been carried out quantum chemical method, make evaluation result more objective.Brosso et al.^[7]A kind of continuous Verification System being based upon on user behavior analysis is proposed, it is extracted the behavior evidence of user, and user is divided into different reliability ratings, is not stopped to update the data base of user behavior by nerual fuzzy logic, keep reliability and the accuracy of user behavior.Wang Shouxin et al.^[8]Based on trusting Clouds theory, it is proposed that a kind of Subjective Trust Model, use trust change cloud to portray the changing condition of degree of belief, the research of subjective trust evaluation is served promotion effect.

The application outlines the design concept of cloud computing trust management: based on the trust management framework of prestige in cloud environment.In this framework, TMS (trust management service TrustManagementService) crosses over the management feedback with a scattered manner of some distributed nodes, and trusting is be passed as one service.This framework can distinguish feeding back reliably from malice feedback.In short, its feature has:

(1) reliable model: in trust management services, the reliability of feedback is critical problem.Therefore, it is proposed that several for the evaluation index ganging up feedback detection, feedback is ganged up including feedback density and intermittence.These indexs can distinguish the misleading feedback from malicious user, moreover it is possible to detect sporadic gang up sexual assault (some be intended to assailants of manipulation trust evaluation results by send within a period of time a large amount of trust feed back to specific cloud service provider and achieve the goal).

(2) available model: trust management service is very important by high availability.Therefore, it is proposed that manage, by launching some distributed points, the feedback that user provides.Load balancing techniques is used for sharing workload, thus maintaining a required availability level.TMS number of nodes is operated by power measurement and determines.

Summary of the invention

It is an object of the invention to provide a kind of based on the cloud computing trust management method evaluating credibility, the method can effectively detect the misleading feedback in conspiracy attack, and Sybil attack, and the credibility formula by setting up so that user can the really credible cloud service provider of more effective selection.

For achieving the above object, the technical scheme is that a kind of based on the cloud computing trust management method evaluating credibility, owing to can affect the credit worthiness of cloud service from the malice evaluation of user, the calculating of feedback credibility need to be carried out for this, to reject malicious user evaluation, namely rejecting incredible feedback of trusting, concrete calculating process is as follows:

IfRepresent user subject c_iAt t_kThe service entities s of reception_jThe set of the Service Properties metric provided, t_kRepresent the time of kth time transaction, and

$W_{c_i\→s_j}^{t_k}(c_i,s_j,t_k)=\{W_{c_i\→s_j,{\mathrm{Mr}}_1}^{t_k},......,W_{c_i\→s_j,{\mathrm{Mr}}_p}^{t_k}\}$

Represent user subject c_iAt t_kThe service entities s that reception arrives_jThe t the metric Mr provided_tService quality, and $0\≤W_{c_i\→s_j,{\mathrm{Mr}}_1}^{t_k},......,W_{c_i\→s_j,{\mathrm{Mr}}_p}^{t_k}\≤1;$

S1: calculate transaction satisfaction:

User subject c_iAccording to service entities s_jIt is supplied to oneself service ability and s_jThe service ability oneself declared compares, according to mathematic interpolation satisfaction；With ρ (c_i,s_j,t_k) represent user subject c_iTo service entities s_jAt t_kThe satisfaction of the service that the moment provides, calculation is as follows:

$\mathrm{\ρ}(c_i,s_j,t_k)=\underset{t=1}{\overset{p}{\Σ}}{\mathrm{\δ}}_{c_i\→s_j,{\mathrm{Mr}}_t}^{t_k}$

Being the satisfaction of single Service Properties metric, computational methods are as follows:

${\mathrm{\&delta;}}_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}=\left\{\begin{array}{c}1,W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}-W_{s_j,{\mathrm{Mr}}_t}^{t_k}\&GreaterEqual;0\\ {\mathrm{\&gamma;}}^{\left|W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}-W_{s_j,{\mathrm{Mr}}_t}^{t_k}\right|},W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}-W_{s_j,{\mathrm{Mr}}_t}^{t_k}<0\end{array}\right.$

In formula,Represent service entities s_jAt t_kThe t Service Properties Mr that moment is declared_tQuality, andWhenTime, it was shown that service entities s_jMeet user subject c_iDemand, now transaction satisfaction be 1；WhenTime, it was shown that service entities s_jThe service ability provided and user subject c_iDemand there is deviation, deviation is more big,Value more little, wherein 0 < γ < 1；

Ageing for ensureing that calculating has, introduce time window concept win；When calculating credibility only with the record in win；Time window mechanism is time per unit section, and time window win moves forward the length of a unit；

According to user subject c in time window win_iTo service entities s_jSatisfaction of every time concluding the business, obtain service entities s_jDirect dealing degree of belief:

$T_{c_i,s_j}^{t_r}=\frac{\mathrm{\&psi;}\left(f_{c_i}^{t_r}\right)\underset{k=z}{\overset{r}{\&Sigma;}}u\left(k\right)\mathrm{\&rho;}(c_i,s_j,t_k)}{\underset{k=z}{\overset{r}{\&Sigma;}}u\left(k\right)}$

Wherein,Current time t_r, user subject c_iThe number of times concluded the business in time window win isFor transaction count function, expression more many services of transaction count in time window win are more credible；U (k) is time attenuation function, order0 < τ < 1；

S2: Calculation Estimation satisfaction:

According to service entities s_jCredit worthinessWith user subject c_iTo s_jEvaluate produce direct dealing degree of beliefMathematic interpolation evaluate satisfaction；WithRepresent service entities s_jTo user subject c_iThe evaluation satisfaction provided；

If service entities s_jDistance current time t_rThe credit worthiness of last update isThen

${\mathrm{\&eta;}}_{s_j,c_i}^{t_r}=\left\{\begin{array}{c}{\mathrm{\&beta;}}^{\left|T_{c_i,s_j}^{t_r}-{\mathrm{TD}}_{s_j}^{t_r-1}\right|},\left|T_{c_i.s_j}^{t_r}-{\mathrm{TD}}_{s_j}^{t_{r-1}}\right|\&le;\mathrm{\&theta;}\\ -{\mathrm{\&beta;}}^{\left|T_{c_i,s_j}^{t_r}-{\mathrm{TD}}_{s_j}^{t_r-1}\right|},\left|T_{c_i.s_j}^{t_r}-{\mathrm{TD}}_{s_j}^{t_{r-1}}\right|>\mathrm{\&theta;}\end{array}\right.$

In formula, θ is threshold value；WhenTime, owing to the direct dealing degree of belief of this user is closer to the credit worthiness of this service, it was shown that user evaluates relatively true, and the more little validity of difference is more high；WhenTime, represent that user evaluates and untrue；Wherein, 0 < β < 1；

S3: Calculation Estimation credibility:

According to the repeatedly evaluation satisfaction in time window win, user subject c_iTo service entities s_jFeedback credibility drawn by below equation:

${\mathrm{EH}}_{c_i,s_j}^{t_r}=\frac{\underset{t_k\&Subset;win}{\overset{t_r}{\&Sigma;}}{\mathrm{\&eta;}}_{s_j,c_i}^{t_r}}{f_{c_i}^{t_r}}$

With user subject c in time window win_iThe service entities collection being traded is: P={s₁,……,s_n, user subject c_iFinal credibility of evaluating be:

${\mathrm{EH}}_{c_i}^{t_r}=\frac{\underset{t=1}{\overset{n}{\&Sigma;}}{\mathrm{EH}}_{c_i,s_t}^{t_r}}{\left|P\right|}$

Wherein, | P | represents the quantity of service entities in set P；

S4: calculate credit worthiness:

According to all users, the transaction trust degree of service be can be derived that the credit worthiness of this service entities, the user tried to achieve before is evaluated credibility as corresponding weight；

With service entities s in time window win_jThe user subject set being traded is C₁={ c₁,…,c_n, then service entities s_jCredit worthiness can be obtained by below equation:

${\mathrm{TD}}_{s_j}^{t_r}=\frac{\underset{i=1}{\overset{n}{\&Sigma;}}{\mathrm{EH}}_{c_i}^{t_r}{T}_{c_i,s_j}^{t_r}}{\left|C_1\right|}.{\mathrm{\&lambda;}}^{\frac{1}{\left|C_1\right|}}$

Wherein, | C₁| represent the quantity of user subject, λ ∈ (0,1), be used for representing in time window win and service entities s_jThe number of users being traded is more many, then service entities s_jCredibility is more high.

In an embodiment of the present invention, for increasing the accuracy trusting credible result degree, described method also includes the process that the trust feedback drawn after evaluation credibility rejects malicious user carries out conspire to feed back detecting, specific as follows:

(2.1) the feedback density formula setting up cloud service s is as follows:

$D\left(s\right)=\frac{M\left(s\right)}{\left|V\left(s\right)\right|\&times;T\left(s\right)}$

$T\left(s\right)=1+\left(\underset{h\&Element;V\left(s\right)}{\&Sigma;}\right(\underset{c=1}{\overset{\left|V_c(c,s)\right|}{\&Sigma;}}\frac{{\mathrm{\&Sigma;}}_{\left|V_c(c,s)\right|>e_v\left(s\right)}\left|V_c(c,s)\right|}{\left|V\left(s\right)\right|}\left)\right)$

Wherein, M (s) represents that the feedback for cloud service s is piled, and namely submits the total number of users trusting feedback to for cloud service s；V (s) represents the trust for cloud service s and feeds back；| V (s) | represents for the cloud service s trust feedback quantity submitted to；T (s) represents feedback quantity factor of conspiring, and ev (s) represents conspiracy feedback quantity threshold value, | V_c(c, s) | represent the user c trust feedback quantity for the submission of cloud service s；

(2.2) when in the time period for cloud service s trust feed back total amount vary more than to a certain degree time, then it is assumed that between occurring in that or property conspire feedback, namely whenMore than conspire amount threshold time, it is believed that between there occurs or property conspire feedback, wherein | V (s) | '-| V (s) | is the time period | t₀, t | the trust feedback quantity of the interior change for cloud service s.

In an embodiment of the present invention, for increasing the accuracy trusting credible result degree, the feedback of trusting that described method also includes drawing after evaluating credibility and rejecting malicious user carries out the process of Sybil attack detecting, specific as follows:

(3.1) user identity registration

In trusted identity is registered, identity record L is by the main identity C of m user_p={ p₁,p₂,…p_mAnd n certificate attribute C_a{a₁,a₂,…a_nComposition, namely use C_p×C_aMatrix represents identity record L, covers all users of registration in TMS；

(3.2) when in the time period for cloud service s submit to feedback user set up identity sum vary more than to a certain degree time, then it is assumed that between occurring in that or property conspire feedback, namely whenDuring more than identity amount threshold, it is believed that between there occurs or property Sybil attack, wherein | L (s) | '-| L (s) | is the time period | t₀, t | the user identity quantity of the interior change for cloud service s.

Compared to prior art, the method have the advantages that the inventive method can effectively detect the misleading feedback in conspiracy attack, and Sybil attack, and the credibility formula by setting up so that user can the really credible cloud service provider of more effective selection.

Accompanying drawing explanation

Fig. 1 is cloud computing trust management framework figure of the present invention.

Fig. 2 is the time window schematic diagram of mechanism that the present invention adopts.

Fig. 3 is the Waves attacking behavior model figure that the present invention adopts.

Fig. 4 is the Peaks attacking behavior model figure that the present invention adopts.

Fig. 5 is present invention vigorousness experiment A figure when in the face of conspiracy attack.

Fig. 6 is present invention vigorousness experiment B figure when in the face of conspiracy attack.

Fig. 7 is present invention vigorousness experiment A ' figure when in the face of conspiracy attack.

Fig. 8 is present invention vigorousness experiment B ' figure when in the face of conspiracy attack.

Fig. 9 is present invention vigorousness experiment D figure when in the face of Sybil attack.

Figure 10 is present invention vigorousness experiment E figure when Sybil attack.

Figure 11 is present invention vigorousness experiment D ' figure when Sybil attack.

Figure 12 is present invention vigorousness experiment E ' figure when Sybil attack.

Detailed description of the invention

Below in conjunction with accompanying drawing, technical scheme is specifically described.

The present invention's is a kind of based on the cloud computing trust management method evaluating credibility, owing to can affect the credit worthiness of cloud service from the malice evaluation of user, the calculating of feedback credibility need to be carried out for this, to reject malicious user evaluation, namely rejecting incredible feedback of trusting, concrete calculating process is as follows:

IfRepresent user subject c_iAt t_kThe service entities s of reception_jThe set of the Service Properties metric provided, t_kRepresent the time of kth time transaction, and

$W_{c_i\&RightArrow;s_j}^{t_k}(c_i,s_j,t_k)=\{W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_1}^{t_k},......,W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_p}^{t_k}\}$

Represent user subject c_iAt t_kThe service entities s that reception arrives_jThe t the metric Mr provided_tService quality, and $0\&le;W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_1}^{t_k},......,W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_p}^{t_k}\&le;1;$

S1: calculate transaction satisfaction:

User subject c_iAccording to service entities s_jIt is supplied to oneself service ability and s_jThe service ability oneself declared compares, according to mathematic interpolation satisfaction；With ρ (c_i,s_j,t_k) represent user subject c_iTo service entities s_jAt t_kThe satisfaction of the service that the moment provides, calculation is as follows:

$\mathrm{\&rho;}(c_i,s_j,t_k)=\underset{t=1}{\overset{p}{\&Sigma;}}{\mathrm{\&delta;}}_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}$

Being the satisfaction of single Service Properties metric, computational methods are as follows:

${\mathrm{\&delta;}}_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}=\left\{\begin{array}{c}1,W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}-W_{s_j,{\mathrm{Mr}}_t}^{t_k}\&GreaterEqual;0\\ {\mathrm{\&gamma;}}^{\left|W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}-W_{s_j,{\mathrm{Mr}}_t}^{t_k}\right|},W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}-W_{s_j,{\mathrm{Mr}}_t}^{t_k}<0\end{array}\right.$

In formula,Represent service entities s_jAt t_kThe t Service Properties Mr that moment is declared_tQuality, andWhenTime, it was shown that service entities s_jMeet user subject c_iDemand, now transaction satisfaction be 1；WhenTime, it was shown that service entities s_jThe service ability provided and user subject c_iDemand there is deviation, deviation is more big,Value more little, wherein 0 < γ < 1；

Ageing for ensureing that calculating has, introduce time window concept win；When calculating credibility only with the record in win；Time window mechanism is time per unit section, and time window win moves forward the length of a unit；

According to user subject c in time window win_iTo service entities s_jSatisfaction of every time concluding the business, obtain service entities s_jDirect dealing degree of belief:

$T_{c_i,s_j}^{t_r}=\frac{\mathrm{\&psi;}\left(f_{c_i}^{t_r}\right)\underset{k=z}{\overset{r}{\&Sigma;}}u\left(k\right)\mathrm{\&rho;}(c_i,s_j,t_k)}{\underset{k=z}{\overset{r}{\&Sigma;}}u\left(k\right)}$

Wherein,Current time t_r, user subject c_iThe number of times concluded the business in time window win isFor transaction count function, expression more many services of transaction count in time window win are more credible；U (k) is time attenuation function, order0 < τ < 1；

S2: Calculation Estimation satisfaction:

According to service entities s_jCredit worthinessWith user subject c_iTo s_jEvaluate produce direct dealing degree of beliefMathematic interpolation evaluate satisfaction；WithRepresent service entities s_jTo user subject c_iThe evaluation satisfaction provided；

If service entities s_jDistance current time t_rThe credit worthiness of last update isThen

${\mathrm{\&eta;}}_{s_j,c_i}^{t_r}=\left\{\begin{array}{c}{\mathrm{\&beta;}}^{\left|T_{c_i,s_j}^{t_r}-{\mathrm{TD}}_{s_j}^{t_r-1}\right|},\left|T_{c_i.s_j}^{t_r}-{\mathrm{TD}}_{s_j}^{t_{r-1}}\right|\&le;\mathrm{\&theta;}\\ -{\mathrm{\&beta;}}^{\left|T_{c_i,s_j}^{t_r}-{\mathrm{TD}}_{s_j}^{t_r-1}\right|},\left|T_{c_i.s_j}^{t_r}-{\mathrm{TD}}_{s_j}^{t_{r-1}}\right|>\mathrm{\&theta;}\end{array}\right.$

In formula, θ is threshold value；WhenTime, owing to the direct dealing degree of belief of this user is closer to the credit worthiness of this service, it was shown that user evaluates relatively true, and the more little validity of difference is more high；WhenTime, represent that user evaluates and untrue；Wherein, 0 < β < 1；

S3: Calculation Estimation credibility:

According to the repeatedly evaluation satisfaction in time window win, user subject c_iTo service entities s_jFeedback credibility drawn by below equation:

${\mathrm{EH}}_{c_i,s_j}^{t_r}=\frac{\underset{t_k\&Subset;win}{\overset{t_r}{\&Sigma;}}{\mathrm{\&eta;}}_{s_j,c_i}^{t_r}}{f_{c_i}^{t_r}}$

With user subject c in time window win_iThe service entities collection being traded is: P={s₁,……,s_n, user subject c_iFinal credibility of evaluating be:

${\mathrm{EH}}_{c_i}^{t_r}=\frac{\underset{t=1}{\overset{n}{\&Sigma;}}{\mathrm{EH}}_{c_i,s_t}^{t_r}}{\left|P\right|}$

Wherein, | P | represents the quantity of service entities in set P；

S4: calculate credit worthiness:

According to all users, the transaction trust degree of service be can be derived that the credit worthiness of this service entities, the user tried to achieve before is evaluated credibility as corresponding weight；

With service entities s in time window win_jThe user subject set being traded is C₁={ c_1,…,c_n, then service entities s_jCredit worthiness can be obtained by below equation:

${\mathrm{TD}}_{s_j}^{t_r}=\frac{\underset{i=1}{\overset{n}{\&Sigma;}}{\mathrm{EH}}_{c_i}^{t_r}{T}_{c_i,s_j}^{t_r}}{\left|C_1\right|}.{\mathrm{\&lambda;}}^{\frac{1}{\left|C_1\right|}}$

Wherein, | C₁| represent the quantity of user subject, λ ∈ (0,1), be used for representing in time window win and service entities s_jThe number of users being traded is more many, then service entities s_jCredibility is more high.

For increasing the accuracy trusting credible result degree, described method also includes the process that the trust feedback drawn after evaluation credibility rejects malicious user carries out conspire to feed back detecting, specific as follows:

(2.1) the feedback density formula setting up cloud service s is as follows:

$D\left(s\right)=\frac{M\left(s\right)}{\left|V\left(s\right)\right|\&times;T\left(s\right)}$

$T\left(s\right)=1+\left(\underset{h\&Element;V\left(s\right)}{\&Sigma;}\right(\underset{c=1}{\overset{\left|V_c(c,s)\right|}{\&Sigma;}}\frac{{\mathrm{\&Sigma;}}_{\left|V_c(c,s)\right|>e_v\left(s\right)}\left|V_c(c,s)\right|}{\left|V\left(s\right)\right|}\left)\right)$

Wherein, M (s) represents that the feedback for cloud service s is piled, and namely submits the total number of users trusting feedback to for cloud service s；V (s) represents the trust for cloud service s and feeds back；| V (s) | represents for the cloud service s trust feedback quantity submitted to；T (s) represents feedback quantity factor of conspiring, e_vS () represents conspiracy feedback quantity threshold value, | V_c(c, s) | represent the user c trust feedback quantity for the submission of cloud service s；

(2.2) when in the time period for cloud service s trust feed back total amount vary more than to a certain degree time, then it is assumed that between occurring in that or property conspire feedback, namely whenMore than conspire amount threshold time, it is believed that between there occurs or property conspire feedback, wherein | V (s) | '-| V (s) | is the time period | t₀, t | the trust feedback quantity of the interior change for cloud service s.

For increasing the accuracy trusting credible result degree, the feedback of trusting that described method also includes drawing after evaluating credibility and rejecting malicious user carries out the process of Sybil attack detecting, specific as follows:

(3.1) user identity registration

In trusted identity is registered, identity record L is by the main identity C of m user_p={ p₁,p₂,…p_mAnd n certificate attribute C_a{a₁,a₂,…a_nComposition, namely use C_p×C_aMatrix represents identity record L, covers all users of registration in TMS；

(3.2) when in the time period for cloud service s submit to feedback user set up identity sum vary more than to a certain degree time, then it is assumed that between occurring in that or property conspire feedback, namely whenDuring more than identity amount threshold, it is believed that between there occurs or property Sybil attack, wherein | L (s) | '-| L (s) | is the time period | t₀, t | the user identity quantity of the interior change for cloud service s.

The process of specifically setting up based on the cloud computing trust management method evaluating credibility of the present invention is as follows.

1 cloud computing trust management framework

Cloud computing trust management framework is based upon on service-oriented framework (ServiceOrientedArchitecture, SOA), and degree of belief is transmitted by SOA as one service.Resource in cloud computing is exposed on high in the clouds as service^[9]So that SOA and Web service become one of most important technology in some sense.Trust management service makes user that feedback or inquiry can be submitted to trust result.Fig. 1 shows that cloud computing trust management framework is divided into three layers, is that cloud service provides layer, trust management service layer and cloud service consumer layer respectively.

1) cloud service provides layer.This layer is made up of the different cloud service provider that can provide some cloud services.These cloud services can be obtained by portal website.Interaction on this layer may be considered that the cloud service of cloud service provider and user and TMS is interactive and cloud service provider is the advertisement that its service is done.

2) trust management service layer.This layer is made up of the some TMS distribution nodes being distributed in the cloud environment in different geographical.These TMS nodes provide interface so that user can submit to feedback and inquiry to trust result.The interaction of this layer includes: (1) is interactive with the cloud service of cloud service provider；(2) cloud service allowed users to by Internet contact to new cloud service degree of belief finds.(3) evaluate credibility to calculate and make the TMS credibility of feedback being able to verify that particular consumer.

3) cloud service consumer layer.This layer is made up of the user using cloud service.The interaction of this layer includes: (1) allows users to the cloud service new by Network finding.(2) allow users to submit feedback to for special services.(3) allow users to be set up the registration of identity archives by registration certificate.

2 management services

2.1 identity management services

As document [10] emphasize, degree of belief and authentication have very strong relatedness, it is proposed that use the credibility that identity management services (IdentityManagementService, IdM) helps TMS measure user to feed back.But, process IdM information and may offend the privacy of user.The method of one protection privacy is to use password encryption technology, but does not process the effective ways adding ciphertext data at present^[11].Another kind of method is to use anonymity technology to go to process IdM information, thus will not invade the privacy of user.Obviously, between height anonymization and effective, there is balance.Height anonymization means better privacy, and effective then can cause that privacy can not get protection.

2.2 trust management services

In the typical case of TMS is mutual, user can submit feedback to for the credibility of particular cloud service, it is also possible to obtains the trust evaluation of this service.When user uses TMS first time, they need to register the certificate of oneself to set up identity archives in the trusted identity registry (TrustIdentityRegistry) of IdM.There is identity record trusted identity registry, by array I=(C, C_a,T_i) represent the identity of each user.Wherein, C is user's name；C_aThe attribute of representative capacity, such as password, IP address etc.；T_iRepresent user's enrollment time at TMS.

By the feedback of user, what the trusting behavior of cloud service was actually a historical record calls set, by array H=(C, S, F, T_f) represent.Wherein, C is user's name, and S represents cloud service.F is a series of trust feedbacks, including safety, response time, availability etc..In F each trusting feedback by the scope numeric representation in [0,1], 0,0.5,1 represents passiveness, neutrality, actively respectively.T_fRepresent and trust the timestamp that feedback is submitted to.When C requires the trust evaluation of S, TMS can calculate trust result T_r(s), computing formula is as follows:

$T_r\left(s\right)=\frac{{\mathrm{\&Sigma;}}_{c=1}^{\left|V\left(s\right)\right|}F(c,s)}{\left|V\left(s\right)\right|}\&times;C_t(s,t_0,t)---\left(1\right)$

In formula, V (s) represents all trusts for cloud service s and feeds back；| V (s) | represents the sum trusting feedback；(c, s) refers to that the trust from user C is fed back to F, and when C value is different, (c's F s) also changes；C_t(s,t₀, it is t) within a period of time, trust the speed that result changes, it makes TMS can be that result is trusted in the cloud service adjustment affected by malicious act.

3 Credibility Models

It is proposed that the purpose of design of Credibility Model have: 1) conspire feedback detecting.Including calculating feedback density and detecting intermittence conspiracy feedback.2) Sybil attack detecting.Including the intermittent Sybil attack of user identity registration and detecting.3) feedback credibility that user provides is calculated.

3.1 conspire to feed back detecting

3.1.1 density is fed back

Malicious user may send spurious feedback to manipulate the trust result of cloud service.Some researcheres think that high trusted feedback quantity can help user to resist this type of malice manipulation^[12].But, trusted feedback quantity can not determine to trust the reliability of feedback completely.For example, it is assumed that there are two different cloud service S_xAnd S_y, their trusted feedback quantity is all significantly high, S_xThe positive feedback of 79%, S is had at 150 in feeding back_yThe positive feedback of 87% is had at 150 in feeding back.So user is generally selected the cloud service S that trusted feedback quantity is higher_y.But S_yBeing probably the result that conspiracy attack causes, this means that we should select S_x。

In order to solve this problem, we introduce the concept of feedback density and assist in the reliability trusting feedback.The total number of users trusting feedback to particular cloud service commitment is called feedback heap by us, and the trust feedback sum of submission is called feedback quantity.Feedback quantity is subject to the impact of conspiracy feedback quantity, and conspires feedback quantity by conspiring amount threshold control.Such as, if conspiracy amount threshold is 15, then feedback quantity is more than 15, and whether user under a cloud will take part in conspiracy feedback.

Feedback density D (s) of cloud service s is drawn by formula (2):

$D\left(s\right)=\frac{M\left(s\right)}{\left|V\left(s\right)\right|\&times;T\left(s\right)}---\left(2\right)$

In formula, M (s) represents that the feedback for cloud service s is piled.| V (s) | represents the feedback quantity for cloud service s.T (s) represents feedback quantity factor of conspiring, and this value can reduce too much feeds back, from same user, the interference brought, formula (3) provide, wherein e_vS () represents conspiracy feedback quantity threshold value, | V_c(c, s) | represent that user c is for the cloud service s feedback quantity submitted to.

$T\left(s\right)=1+\left(\underset{h\&Element;V\left(s\right)}{\&Sigma;}\right(\underset{c=1}{\overset{\left|V_c(c,s)\right|}{\&Sigma;}}\frac{{\mathrm{\&Sigma;}}_{\left|V_c(c,s)\right|>e_v\left(s\right)}\left|V_c(c,s)\right|}{\left|V\left(s\right)\right|}\left)\right)---\left(3\right)$

Such as, two the cloud service S carried above_xAnd S_y, S_xThe positive feedback of 79%, S is had at 150 in feeding back_yThe positive feedback of 87% is had at 150 in feeding back.Assuming that for S_xFeedback heap higher than S_y(such as M (x)=20, M (y)=5).Feedback quantity for two cloud services is respectively | V_c(c, x) |=60 Hes | V_c(c, y) |=130.We it is further assumed that conspire amount threshold e_v=10.Can obtain according to formula (2), D (x)=0.0952, D (y)=0.0173, S_xFeedback density more than S_y, also imply that, for S_xThe reliability of feedback high.

3.1.2 intermittent feedback of conspiring

Conspiracy attack for cloud service occurs once in a while^[13], the time is considered as detecting a key factor in intermittent conspiracy attack and periodicity conspiracy attack by we.Assume that | the V (s) | of the feedback quantity for cloud service s occurred in the time period | t₀, t | in.Change suddenly in feedback behavior generally means that generation intermittence conspiracy feedback, works as the time period | t₀, t | internal feedback amount | V (s) | is when varying more than to a certain degree, namely whenDuring more than conspiracy amount threshold, it is believed that there occurs intermittent feedback of conspiring.

3.2 Sybil attack detectings

3.2.1 user identity registration

Owing to user must register in trusted identity registry, we can compare attribute and the identity record L of user certificate, and it is primarily intended to protection cloud service and uses multiple identities to manipulate trust result from malicious user.In trusted identity registry, identity record L is by main identity (such as the user name) C of m user_p={ p₁,p₂,…p_mAnd n certificate attribute (password, IP address etc.) C_a{a₁,a₂,…a_nComposition, namely use C_p×C_aMatrix represents identity record L, covers all users of registration in TMS.

3.2.2 intermittent Sybil attack

So-called intermittent Sybil attack refers to that malicious user by creating multiple account and may send at short notice and misleads feedback and manipulate trust result.In order to overcome intermittent Sybil attack, in the time period | t₀, t | the interior user to submitting feedback to sets up identity sum | L (s) |.The change suddenly setting up identity sum means to may have occurred intermittent Sybil attack.We measure and set up the ratio that identity sum changes suddenly in all identity behaviors, whenDuring more than threshold value, it is believed that there occurs intermittent Sybil attack in this period.

3.3 evaluate credibility computing module

Malice evaluation from user can affect the credit worthiness of cloud service equally so that it is not by new customer acceptance.So the evaluation credibility calculating user is very necessary, and identify malicious user with this, protect trust management model.

IfFor user subject c_iAt t_kThe service entities s of reception_jThe set of the Service Properties metric provided, t_kRepresent the time of kth time transaction, then

$W_{c_i\&RightArrow;s_j}^{t_k}(c_i,s_j,t_k)=\{W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_1}^{t_k},......,W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_p}^{t_k}\}---\left(4\right)$

In formula,Represent user subject c_iAt t_kThe service entities s that reception arrives_jThe t metric Mr of the Service Properties provided_tService quality, and $0\&le;W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_1}^{t_k},......,W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_p}^{t_k}\&le;1.$

3.3.1 conclude the business satisfaction

So-called transaction satisfaction refers to user subject c_iBy service entities s_jIt is supplied to oneself service ability and s_jThe service ability oneself declared compares, according to the satisfaction that mathematic interpolation obtains.With ρ (c_i,s_j,t_k) represent user subject c_iTo service entities s_jAt t_kThe transaction satisfaction of the service that the moment provides, shown in calculation such as formula (5):

$\mathrm{\&rho;}(c_i,s_j,t_k)=\underset{t=1}{\overset{p}{\&Sigma;}}{\mathrm{\&delta;}}_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}---\left(5\right)$

In formula,It is the transaction satisfaction of single Service Properties metric, shown in computational methods such as formula (6):

${\mathrm{\&delta;}}_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}=\left\{\begin{array}{c}1,W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}-W_{s_j,{\mathrm{Mr}}_t}^{t_k}\&GreaterEqual;0\\ {\mathrm{\&gamma;}}^{\left|W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}-W_{s_j,{\mathrm{Mr}}_t}^{t_k}\right|},W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}-W_{s_j,{\mathrm{Mr}}_t}^{t_k}<0\end{array}\right.---\left(6\right)$

In formula,Represent service entities s_jAt t_kThe t Service Properties Mr that moment is declared_tQuality, andWhenShow service entities s_jMeet user subject c_iDemand, now transaction satisfaction be 1.WhenTime, it was shown that service entities s_jThe service ability provided and user subject c_iDemand there is deviation, deviation is more big,Value more little.

It addition, ageing in order to ensure that calculating has, introduce time window concept win^[14].When calculating credibility only with the record in win.Time window mechanism is time per unit section, and time window win moves forward the length of a unit, as shown in Figure 2.

According to user subject c in time window win_iTo service entities s_jSatisfaction of every time concluding the business, obtain service entities s_jDirect dealing degree of belief, as shown in formula (7):

$T_{c_i,s_j}^{t_r}=\frac{\mathrm{\&psi;}\left(f_{c_i}^{t_r}\right)\underset{k=z}{\overset{r}{\&Sigma;}}u\left(k\right)\mathrm{\&rho;}(c_i,s_j,t_k)}{\underset{k=z}{\overset{r}{\&Sigma;}}u\left(k\right)}---\left(7\right)$

In formula,Current time t_r, user subject c_iThe number of times concluded the business in time window win isFor transaction count function, expression more many services of transaction count in time window win are more credible.U (k) is time attenuation function, order0<τ<1。

3.3.2 satisfaction is evaluated

The so-called satisfaction evaluating the evaluation that satisfaction refers to that user subject provides by service entities.According to service entities s_jCredit worthinessWith user subject c_iTo service entities s_jEvaluate produce direct dealing degree of beliefMathematic interpolation evaluate satisfaction.The credit worthiness of service entities is by the evaluation credibility of user as Appreciation gist, and meeting is described below.WithRepresent service entities s_jTo user subject c_iThe evaluation satisfaction provided.

If service entities s_jDistance current time t_rThe credit worthiness of last update isThen

${\mathrm{\&eta;}}_{s_j,c_i}^{t_r}=\left\{\begin{array}{c}{\mathrm{\&beta;}}^{\left|T_{c_i,s_j}^{t_r}-{\mathrm{TD}}_{s_j}^{t_r-1}\right|},\left|T_{c_i.s_j}^{t_r}-{\mathrm{TD}}_{s_j}^{t_{r-1}}\right|\&le;\mathrm{\&theta;}\\ -{\mathrm{\&beta;}}^{\left|T_{c_i,s_j}^{t_r}-{\mathrm{TD}}_{s_j}^{t_r-1}\right|},\left|T_{c_i.s_j}^{t_r}-{\mathrm{TD}}_{s_j}^{t_{r-1}}\right|>\mathrm{\&theta;}\end{array}\right.---\left(8\right)$

In formula, θ is threshold value.WhenTime, owing to the direct dealing degree of belief of this user is closer to the credit worthiness of this service, it was shown that user evaluates relatively true, and the more little validity of difference is more high.WhenTime, represent that user evaluates and untrue.Wherein, 0 < β < 1.

3.3.3 credibility is evaluated

According to the repeatedly evaluation satisfaction in time window win, user subject c_iTo service entities s_jFeedback credibility drawn by below equation:

${\mathrm{EH}}_{c_i,s_j}^{t_r}=\frac{\underset{t_k\&Subset;win}{\overset{t_r}{\&Sigma;}}{\mathrm{\&eta;}}_{s_j,c_i}^{t_r}}{f_{c_i}^{t_r}}---\left(9\right)$

With user subject c in time window win_iThe service entities collection being traded is: P={s₁,……,s_n, user subject c_iFinal credibility of evaluating be:

${\mathrm{EH}}_{c_i}^{t_r}=\frac{\underset{t=1}{\overset{n}{\&Sigma;}}{\mathrm{EH}}_{c_i,s_t}^{t_r}}{\left|P\right|}---\left(10\right)$

Wherein, | P | represents the quantity of service entities in set P.

3.3.4 credit worthiness calculates

According to all users, the transaction trust degree of this service be can be derived that the credit worthiness of this service entities, the user tried to achieve before is evaluated credibility as corresponding weight.

With service entities s in time window win_jThe user subject set being traded is C₁={ c₁..., c_n, then service entities s_jCredit worthiness can be obtained by below equation.

${\mathrm{TD}}_{s_j}^{t_r}=\frac{\underset{i=1}{\overset{n}{\&Sigma;}}{\mathrm{EH}}_{c_i}^{t_r}{T}_{c_i,s_j}^{t_r}}{\left|C_1\right|}.{\mathrm{\&lambda;}}^{\frac{1}{\left|C_1\right|}}---\left(11\right)$

Wherein, | C₁| represent the quantity of user subject, λ ∈ (0,1), be used for representing in time window win and service entities s_jThe number of users being traded is more many, then service entities s_jCredibility is more high.

4 emulation experiments and experimental evaluation

In this joint, we are verified enforcement and the experimental results of this model.Our experiment can be verified the effectiveness of Credibility Model and resist the ability that malicious node is attacked, and the CCIDTM model proposed using document [16] is as reference.

4.1 experimental situations

The enforcement of trust management service is a part of this framework, and the framework provides a trust management platform based on evaluation credibility for cloud service.This platform provides user can submit the environment of the trust evaluation feeding back and requiring cloud service to.Trust management service (TMS) is made up of two parts: trust data supply (TrustDataProvisioning) and trust evaluation function (TrustAssessmentFunction).

Trust data supply is responsible for collecting cloud service and trust information.We use cloud service reptile (CloudServicesCrawler) module to enable the platform to the cloud service automatically finding on network.Additionally trust feedback capture (TrustFeedbackCollector) module directly collect feedback from user and be stored in trust feedback database.When user uses this platform first time must in identity management services (IdentityManagementService) certificate of registration.Identity information is collected (IdentityInfoCollector) module and is responsible for collecting the sum setting up identity.

Trust evaluation function is responsible for process and is processed the trust evaluation demand from user, and can distinguish malicious user according to the evaluation credibility of user.Further, we used trust evaluation (TrustAssessor) and compare the credibility of cloud service and the meansigma methods of the feedback of all submissions of calculating.The trust result of each cloud service goes out to exist trusts in result.

4.2 credibility model experiments

We utilize the true trust evaluation in cloud service to test credibility model.Especially, we use reptile to submit to the website of feedback to be collected some websites and user.We manage have collected 876 feedbacks that 580 users submit to for 30 real cloud services, and first evaluation credibility according to user distinguishes malicious user, uses remaining user subject to test.

Testing all corresponding different attacking behavior model for each group, respectively: Waves (Fig. 3) and Peaks (Fig. 4), they represent different attack model structures, and shape is as shown in the figure.It is as shown below that (in Fig. 3, abscissa is T_f, vertical coordinate is | V (s) |；In Fig. 4, abscissa is T_i, vertical coordinate is | L (s) |):

Attacking behavior model represents the sum of malice feedback in a special time example.Such as, Fig. 3 works as T_f=40, | V (s) |=60 malice feedback.Behavior model can also represent the identity sum that assailant sets up in a period of time when running into Sybil attack.Such as, Fig. 4 works as T_i=20, | L (s) |=10 malice identity.

In conspiracy attack, we have imitated malice feedback increases the trust result of cloud service, and in Sybil attack, we have imitated malice feedback and have reduced the trust result of cloud service.In order to assess the credibility model vigorousness when tackling malicious act, we used two experiment conditions: I. use the vigorousness of tradition CCIDTM model measurement credibility model.II. use two tolerance to carry out the performance of test model, be precision (how TMS shows when attack detecting) respectively, recall (how much the attack being detected is genuine if having).We have organized 8 experiments, are wherein used for for 4 times assessing credibility model vigorousness when in the face of conspiracy attack, are then used for for all the other 4 times verifying the vigorousness when Sybil attack.As shown in table 1 below:

Table 1 experimental model parameter list

4.2.1 in the face of the vigorousness of conspiracy attack

For conspiracy attack, we have imitated malicious user, by submitting to the feedback in scope [0.7,1.0] to increase the trust result of cloud service.Fig. 5 to Fig. 8 describes four experiments of evaluation model vigorousness when in the face of conspiracy attack: A, B, the A shown in table 1 ', B ' in 4.2 trifles.In Fig. 5 to Fig. 8, A, B (red line represents conventional model, and blue line represents credibility model) represents the trust result that Setup Experiments is I, A ', and B ' describes the result that Setup Experiments is II

It was noted that when degree of belief uses conventional model to calculate, time instance, closer to 100, trusts result more high.The reason that this phenomenon occurs is that malicious user have submitted misleading feedback to increase the trust result of cloud service.On the other hand, trust result to show when using credibility model to calculate almost without changing.Which demonstrate credibility model to be sensitive for conspiracy attack and malicious act can be detected.It has been found that the mark of recall is all higher when using two behavior models, it means that the attack that great majority are detected is all real, also demonstrate that our credibility model can successfully detect conspiracy attack.

4.2.2 in the face of the vigorousness of Sybil attack

For the experiment of Sybil attack, we simulate malicious user by setting up multiple identities and submitting the trust result of the maliciously cloud service of feedback to.Fig. 9 to Figure 12 describes the evaluation model analysis result in 4 experiments of the vigorousness of reply Sybil attack.Wherein D, E (blue line represents conventional model, and red line represents credibility model) show that Setup Experiments is trust result when I, D ', and it is trust result when II that E ' describes Setup Experiments.

From figure, we are it is found that use the trust result that conventional model obtains to reduce when time instance is close to 100.This is because malicious user is by submitting to misleading feedback to reduce the trust result of cloud service.On the other hand, use the trust result that credibility model obtains higher than what use conventional model to obtain.It can be seen that recall score value is the highest when adopting Waves model, and when adopting Peaks model, precision score value is higher, also demonstrates that our model can well detect Sybil attack.

It is above presently preferred embodiments of the present invention, all changes made according to technical solution of the present invention, when produced function is without departing from the scope of technical solution of the present invention, belong to protection scope of the present invention.

List of references:

[1] Zhang Lin, Wang Ruchuan, Zhang Yongping. a kind of Trust Valuation Model [J] that can be used for grid environment based on fuzzy set. electronic letters, vol, 2008,36 (5): 862-868.

[2] Tian Liqin, Lin Chuan. based on the user behavior trust valuation mechanism [J] of double; two sliding windows. Tsing-Hua University's journal: natural science edition, 2010,50 (5): 763-767.

[3] Tian Junfeng, Cao Xun. the cloud user behavior based on multi-section figure assert model [J]. Journal of Computer Research and Development, 2014,51 (10): 2308-2317.

[4] Wang Ruchuan, Zhang Lin, Rao Kaili. based on the dynamic trust evaluation model [J] evaluating credibility under cloud computing environment. communication journal, 2013

[5] Zhou Qian, Yu Jiong. based on the system of defense model [J] trusted under cloud computing. computer utility, 2011,31 (06): 1531-1535.

[6] Lv Yanxia, Tian Liqin, Sun Shanshan. analyze [J] based on the credible evaluation of the user behavior of FANP with control under cloud computing environment. computer science, 2013,4 (1):

[7]BROSSOI,NEVEA,BRESSANG,etal.Acontinuousauthenticationsystembasedonuserbehavioranalysis[C]//Procof2010IntConfonAvailability,ReliabilityandSecurity.Piscataway,NJ:IEEE,2010:380-385.

[8] Wang Shouxin, Zhang Li, Li Hesong. a kind of subjective trust evaluation method based on cloud model [J]. Chinese journal of computers, 2010,21 (6): 1341-1352.

[9]T.Dillon,C.Wu,andE.Chang,“CloudComputing:IssuesandChallenges,”inProc.ofAINA’10,2010.

[10]O.DavidandC.Jaquet,“TrustandIdentificationintheLightofVirtualPersons,”pp.1-103,Jun2009,accessed10/3/2011,Availableat:http://www.fidis.net/resources/deliverables/identify-of-identify/.

[11]S.PearsonandA.Benameur,“Privacy,SecurityandTrustIssuesArisingFromCloudComputing,”inProc.CloudCom’10,2010.

[12]L.XiongandL.Liu,“Peertrust:SupportingReputation-basedTrustforPeer-to-PeerElectronicCommunities,”IEEETransactionsonKnowledgeandDataEngineering,vol.16,no.7,pp.843-857,2004.

[13]K.Ren,C.Wang,andQ.Wang,“SecurityChallengesforthePublicCloud,”IEEEInternetComputing,vol.16,no.1,pp.69-73,2012.

[14] Shi Zhiguo, Liu Jiwei, Wang Zhiliang. based on the dynamic P2P trust model [J] of time window feedback mechanism. communication journal, 2010,31 (2): 120-129.

[15]A.Birolini,ReliabilityEngineering:TKeoryandPractice.Springer,2010.

[16] Xie Xiaolan, Liu Liang, Zhao Peng. facing cloud calculates the trust model [J] based on bilayer excitation and fraud detection. electronics and information journal, 2012,34 (4): 812-817..

Claims (3)

1. the cloud computing trust management method based on evaluation credibility, it is characterized in that: owing to can affect the credit worthiness of cloud service from the malice evaluation of user, the calculating of feedback credibility need to be carried out for this, to reject malicious user evaluation, namely rejecting incredible feedback of trusting, concrete calculating process is as follows:

IfRepresent user subject c_iAt t_kThe service entities s of reception_jThe set of the Service Properties metric provided, t_kRepresent the time of kth time transaction, and

$W_{c_i\&RightArrow;s_j}^{t_k}(c_i,s_j,t_k)=\{W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_1}^{t_k},\mathrm{......},W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_p}^{t_k}\}$

Represent user subject c_iAt t_kThe service entities s that reception arrives_jThe t the metric Mr provided_tService quality, and $0\&le;W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_1}^{t_k},......,W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_p}^{t_k}\&le;1;$

S1: calculate transaction satisfaction:

User subject c_iAccording to service entities s_jIt is supplied to oneself service ability and s_jThe service ability oneself declared compares, according to mathematic interpolation satisfaction；With ρ (c_i,s_j,t_k) represent user subject c_iTo service entities s_jAt t_kThe satisfaction of the service that the moment provides, calculation is as follows:

$\mathrm{\&rho;}(c_i,s_j,t_k)=\underset{t=1}{\overset{p}{\&Sigma;}}{\mathrm{\&delta;}}_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}$

Being the satisfaction of single Service Properties metric, computational methods are as follows:

${\mathrm{\&delta;}}_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}=\{\begin{array}{c}1,W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}-W_{s_j,{\mathrm{Mr}}_t}^{t_k}\&GreaterEqual;0\\ {\mathrm{\&gamma;}}^{\left|W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}-W_{s_j,{\mathrm{Mr}}_t}^{t_k}\right|},W_{c_i\&RightArrow;s_j,{\mathrm{Mr}}_t}^{t_k}-W_{s_j,{\mathrm{Mr}}_t}^{t_k}<0\end{array}$

In formula,Represent service entities s_jAt t_kThe t Service Properties Mr that moment is declared_tQuality, andWhenTime, it was shown that service entities s_jMeet user subject c_iDemand, now transaction satisfaction be 1；WhenTime, it was shown that service entities s_jThe service ability provided and user subject c_iDemand there is deviation, deviation is more big,Value more little, wherein 0 < γ < 1；

Ageing for ensureing that calculating has, introduce time window concept win；When calculating credibility only with the record in win；Time window mechanism is time per unit section, and time window win moves forward the length of a unit；

According to user subject c in time window win_iTo service entities s_jSatisfaction of every time concluding the business, obtain service entities s_jDirect dealing degree of belief:

$T_{c_i,s_j}^{t_r}=\frac{\mathrm{\&psi;}\left(f_{c_i}^{t_r}\right)\underset{k=z}{\overset{r}{\&Sigma;}}u\left(k\right)\mathrm{\&rho;}(c_i,s_j,t_k)}{\underset{k=z}{\overset{r}{\&Sigma;}}u\left(k\right)}$

Wherein,Current time t_r, user subject c_iThe number of times concluded the business in time window win isFor transaction count function, expression more many services of transaction count in time window win are more credible；U (k) is time attenuation function, order

S2: Calculation Estimation satisfaction:

According to service entities s_jCredit worthinessWith user subject c_iTo s_jEvaluate produce direct dealing degree of beliefMathematic interpolation evaluate satisfaction；WithRepresent service entities s_jTo user subject c_iThe evaluation satisfaction provided；

If service entities s_jDistance current time t_rThe credit worthiness of last update isThen

${\mathrm{\&eta;}}_{s_j,c_i}^{t_r}=\left\{\begin{array}{c}{\mathrm{\&beta;}}^{\left|T_{c_i,s_j}^{t_r}-{\mathrm{TD}}_{s_j}^{t_r-1}\right|},\left|T_{c_i.s_j}^{t_r}-{\mathrm{TD}}_{s_j}^{t_{r-1}}\right|\&le;\mathrm{\&theta;}\\ -{\mathrm{\&beta;}}^{\left|T_{c_i,s_j}^{t_r}-{\mathrm{TD}}_{s_j}^{t_r-1}\right|},\left|T_{c_i.s_j}^{t_r}-{\mathrm{TD}}_{s_j}^{t_{r-1}}\right|>\mathrm{\&theta;}\end{array}\right.$

In formula, θ is threshold value；WhenTime, owing to the direct dealing degree of belief of this user is closer to the credit worthiness of this service, it was shown that user evaluates relatively true, and the more little validity of difference is more high；WhenTime, represent that user evaluates and untrue；Wherein, 0 < β < 1；

S3: Calculation Estimation credibility:

According to the repeatedly evaluation satisfaction in time window win, user subject c_iTo service entities s_jFeedback credibility drawn by below equation:

${\mathrm{EH}}_{c_i,s_j}^{t_r}=\frac{\underset{t_k\&Subset;win}{\overset{t_r}{\&Sigma;}}{\mathrm{\&eta;}}_{s_j,c_i}^{t_r}}{f_{c_i}^{t_r}}$

With user subject c in time window win_iThe service entities collection being traded is: P={s₁,……,s_n, user subject c_iFinal credibility of evaluating be:

${\mathrm{EH}}_{c_i}^{t_r}=\frac{\underset{t=1}{\overset{n}{\&Sigma;}}{\mathrm{EH}}_{c_i,s_t}^{t_r}}{\left|P\right|}$

Wherein, | P | represents the quantity of service entities in set P；

S4: calculate credit worthiness:

According to all users, the transaction trust degree of service be can be derived that the credit worthiness of this service entities, the user tried to achieve before is evaluated credibility as corresponding weight；

With service entities s in time window win_jThe user subject set being traded is C₁={ c₁,…,c_n, then service entities s_jCredit worthiness can be obtained by below equation:

${\mathrm{TD}}_{s_j}^{t_r}=\frac{\underset{i=1}{\overset{n}{\&Sigma;}}{\mathrm{EH}}_{c_i}^{t_r}{T}_{c_i,s_j}^{t_r}}{\left|C_1\right|}.{\mathrm{\&lambda;}}^{\frac{1}{\left|C_1\right|}}$

Wherein, | C₁| represent the quantity of user subject, λ ∈ (0,1), be used for representing in time window win and service entities s_jThe number of users being traded is more many, then service entities s_jCredibility is more high.

2. according to claim 1 based on the cloud computing trust management method evaluating credibility, it is characterized in that: for increasing the accuracy trusting credible result degree, the feedback of trusting that described method also includes drawing after evaluating credibility and rejecting malicious user carries out the process of conspiracy feedback detecting, specific as follows:

(2.1) the feedback density formula setting up cloud service s is as follows:

$D\left(s\right)=\frac{M\left(s\right)}{\left|V\left(s\right)\right|\&times;T\left(s\right)}$

$T\left(s\right)=1+\left(\underset{h\&Element;V\left(s\right)}{\&Sigma;}\right(\underset{c=1}{\overset{\left|V_c(c,s)\right|}{\&Sigma;}}\frac{{\mathrm{\&Sigma;}}_{\left|V_c(c,s)\right|>e_v\left(s\right)}\left|V_c(c,s)\right|}{\left|V\left(s\right)\right|}\left)\right)$

Wherein, M (s) represents that the feedback for cloud service s is piled, and namely submits the total number of users trusting feedback to for cloud service s；V (s) represents the trust for cloud service s and feeds back；| V (s) | represents for the cloud service s trust feedback quantity submitted to；T (s) represents feedback quantity factor of conspiring, e_vS () represents conspiracy feedback quantity threshold value, | V_c(c, s) | represent the user c trust feedback quantity for the submission of cloud service s；

(2.2) when in the time period for cloud service s trust feed back total amount vary more than to a certain degree time, then it is assumed that between occurring in that or property conspire feedback, namely whenMore than conspire amount threshold time, it is believed that between there occurs or property conspire feedback, wherein | V (s) | '-| V (s) | is the time period | t₀, t | the trust feedback quantity of the interior change for cloud service s.

3. according to claim 1 and 2 based on the cloud computing trust management method evaluating credibility, it is characterized in that: for increasing the accuracy trusting credible result degree, the feedback of trusting that described method also includes drawing after evaluating credibility and rejecting malicious user carries out the process of Sybil attack detecting, specific as follows:

(3.1) user identity registration

In trusted identity is registered, identity record L is by the main identity C of m user_p={ p₁,p₂,…p_mAnd n certificate attribute C_a{a₁,a₂,…a_nComposition, namely use C_p×C_aMatrix represents identity record L, covers all users of registration in TMS；

(3.2) when in the time period for cloud service s submit to feedback user set up identity sum vary more than to a certain degree time, then it is assumed that between occurring in that or property conspire feedback, namely whenDuring more than identity amount threshold, it is believed that between there occurs or property Sybil attack, wherein | L (s) | '-| L (s) | is the time period | t₀, t | the user identity quantity of the interior change for cloud service s.